package zz.extjs.servlet;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.List;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import zz.extjs.factory.DAOFactory;
import zz.extjs.vo.Member;

public class CheckMember extends HttpServlet {

	public void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {

		this.doPost(request, response);
	}

	public void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {

		response.setContentType("text/html; charset=utf-8");
		PrintWriter out = response.getWriter();
		// 设置跳转页面为欢迎页面
		String path = "main.jsp";

		//检验是否已登录
		if(request.getSession().getAttribute("user1")!=null){
			out.print("{success:true,url:\"" + path + "\"}");
			return;
		}
		
		String username = request.getParameter("user")==null?(String)request.getAttribute("user"):request.getParameter("user");
		String password = request.getParameter("pass")==null?(String)request.getAttribute("pass"):request.getParameter("pass");
		String savecookie = request.getParameter("saved");
		String code = request.getParameter("checkcode")==null?(String)request.getAttribute("checkcode"):request.getParameter("checkcode");
		String scode = (request.getSession().getAttribute("validate_code"))
				.toString();
		String md5oper = (request.getSession().getAttribute("md5_oper"))
		.toString();	//md5算子，与库中密码连接后md5加密再与form中密码比较
		List errors = new ArrayList();
		Member mem = new Member();
		mem.setUsername(username);
		mem.setPassword(password);
		mem.setErrors(errors);
		
		// String result = "{success:false,errors:[";
		if (!(mem.isEmpty() )) {

			// 用户名、密码不为空，验证
			try {
				// 判断验证码
				if ( scode==null || "".equals(scode) || code==null || "".equals(code) || !(scode.equals(code))) {
					out.print("{success:false,errors:[{id:\"checkcode\",msg:\"验证码不付\"}]}");
					return;
				} else if (DAOFactory.getMemberInstance().isUser(mem, md5oper))// 判断用户名、密码的合法性
				{
					// 合法用户
					// 设置session属性
					request.getSession().setAttribute("user1",
							mem.getUsername());
					//用户权限
					request.getSession().setAttribute("userorbit",
							mem.getUsername());
					if ("on".equals(savecookie)) {

						// 如果选择了保存Cookie选项，则保存Cookie
						Cookie c1 = new Cookie("userinfo", mem.getUsername()+md5oper+mem.getPassword());
						Cookie c2 = new Cookie("loginoper", md5oper);
						// 设置Cookie保存时间为2周
						c1.setMaxAge(14*24*60*60);
						c2.setMaxAge(14*24*60*60);
						response.addCookie(c1);
						response.addCookie(c2);
				        //c=request.getCookies();
				        }
					out.print("{success:true,url:\"" + path + "\"}");
					return;
				} else {
					out.print("{success:false,errors:[{id:\"user\",msg:\"用户名或密码错误\"},{id:\"pass\",msg:\"用户名或密码错误\"}]}");
					return;

					//errors.add("用户名或密码错误！");
				}
			} catch (Exception e) {

				out.print("{success:false,errors:[{id:\"user\",msg:\"数据操作错误\"},{id:\"pass\",msg:\"数据操作错误\"},{id:\"checkcode\",msg:\"数据操作错误\"}]}");
			}
		}else{    //mem.isEmpty() 用于判断用户是否处于登录状态
			out.print("{success:false,errors:[{id:\"user\",msg:\"数据操作错误\"},{id:\"pass\",msg:\"数据操作错误\"},{id:\"checkcode\",msg:\"数据操作错误\"}]}");			
		}
		// 保存错误信息
		//request.setAttribute("errors", errors);
		// 保存用户信息
		//request.setAttribute("member", mem);
		// 跳转
		// request.getRequestDispatcher(path).forward(request, response);
	}
}
